I downloaded Windows Media Player, and then everything slowed to a crawl.....from working normally before. I remembered adwcleaner from coming on here before, but when I hit "Clean" after the scan - it would just stop and not finish cleaning. I tried a few times with the same results. Here is the log adwcleaner gave:

Application errors:
==================
Error: (09/27/2017 12:20:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

CodeIntegrity:
===================================
Date: 2017-09-27 04:10:05.838
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4040724.cab_Temp\DE46C8B5-91AC-4E33-9819-B0819206B8D0\amd64_microsoft-windows-shell-ppishell_31bf3856ad364e35_10.0.15063.608_none_96f8f6b758addb26\ppishell.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:09:59.775
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4040724.cab_Temp\DE46C8B5-91AC-4E33-9819-B0819206B8D0\amd64_microsoft-windows-s..te-ppiupdatemanager_31bf3856ad364e35_10.0.15063.608_none_800a4d21830a7730\ppiupdatemanager.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:08:46.276
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4040724.cab_Temp\00E2ACE1-4BC2-4AD7-B3B8-7B492C904044\amd64_microsoft-windows-s..te-ppiupdatemanager_31bf3856ad364e35_10.0.15063.608_none_800a4d21830a7730\ppiupdatemanager.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:08:38.335
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4040724.cab_Temp\00E2ACE1-4BC2-4AD7-B3B8-7B492C904044\amd64_microsoft-windows-shell-ppishell_31bf3856ad364e35_10.0.15063.608_none_96f8f6b758addb26\ppishell.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:07:38.642
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4022715.cab_Temp\3F98808B-29B5-4BFB-9813-7450306D1D4A\wow64_windows-devices-perception_31bf3856ad364e35_10.0.14393.1198_none_458f6cdd230938e1\windows.devices.perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:07:32.832
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4022715.cab_Temp\3F98808B-29B5-4BFB-9813-7450306D1D4A\wow64_microsoft-windows-t..-remoteapplications_31bf3856ad364e35_10.0.14393.1198_none_c22a0cc22b4f0f81\rdpinit.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:07:30.309
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4022715.cab_Temp\3F98808B-29B5-4BFB-9813-7450306D1D4A\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.14393.1198_none_becf9c69b63e0f45\gamepanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:06:40.089
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4022715.cab_Temp\3F98808B-29B5-4BFB-9813-7450306D1D4A\amd64_windows-devices-perception_31bf3856ad364e35_10.0.14393.1198_none_3b3ac28aeea876e6\windows.devices.perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:06:10.288
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4022715.cab_Temp\3F98808B-29B5-4BFB-9813-7450306D1D4A\amd64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.14393.1198_none_b47af21781dd4d4a\gamepanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-27 04:06:00.930
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\IObit\Advanced SystemCare\KB4022715.cab_Temp\3F98808B-29B5-4BFB-9813-7450306D1D4A\amd64_microsoft-windows-u..usnotificationuxexe_31bf3856ad364e35_10.0.14393.1358_none_e9bec4a76c71edb7\musnotificationux.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.

Hi jason

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:

Do not edit your logs in any way whatsoever.

Perform all actions in the order given.

If you don't know, stop and ask! Don't keep going on.

Please reply to this thread. Do not start a new topic.

Stick with it till you're given the all clear.

Remember, absence of symptoms does not mean the infection is all gone.

Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.

Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.

If you can do these things, everything should go smoothly.

Quote:

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

There's no sign of an active infection in the logs you've supplied, however there's a few things that do need attending to, so we'll deal with them first and see where that gets us.

First ....

Please uninstall the following programs .....

µTorrent

Advanced SystemCare 10

IObit Uninstaller

Smart Defrag 5

Use of P2P programs is the quickest way to contract an infection that I know of.
IOBit programs have a less than reputable reputation, and are known to steal other people's work and incorporate it into their products.

Reboot your computer once they are all uninstalled.

Next ....

Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

Also, the laptop does seems to be running very good again. Before, the CPU on task manager was near 100% non-stop after I downloaded a Windows Media Player for editing videos about a week ago. I removed it, but the problem remained. Was that the problem?